binaryanalysisplatform / bap-ida-python Goto Github PK
View Code? Open in Web Editor NEWintegration with IDA
License: MIT License
bap-ida-python's People
Contributors
Stargazers
Watchers
Forkers
jaybosamiya rvantonder ivg mcgrady1 chubbymaggie prometheusxtime f0829 idkwim obaby blacktrace deelmind explife0011 abhcs mmg1 gitoleg wgwjifeng dragonlinux l9sk heruix sigma-random freemanzyq tata19884 crackercat veryblack xiajun325 idapluginproject clayne fengjixuchui ccccccccvvmbap-ida-python's Issues
Bap view doesn't capture stderr output
If bap fails with an error that is outputted to stderr, nothing is shown in bap output window
For example in IDA:
BAP execution string
--------------------
bap
--taint-reg=0x871C
--taint
--propagate-taint
--map-terms-with='((true) (color gray))'
--map-terms-with='((is-visited) (color white))'
--map-terms-with='((has-taints) (color red))'
--map-terms-with='((taints) (color yellow))'
--map-terms
--emit-ida-script-attr=color
--emit-ida-script-file=/tmp/ida-bap-JER5vn.py
--emit-ida-script
Output
------
IRL:
$ bap --taint-reg=0x871C --taint --propagate-taint --map-terms-with='((true) (color gray))' --map-terms-with='((is-visited) (color white))' --map-terms-with='((has-taints) (color red))' --map-terms-with='((taints) (color yellow))' --map-terms --emit-ida-script-attr=color --emit-ida-script-file=/tmp/ida-bap-JER5vn.py --emit-ida-scrip
Uncaught exception:
(Sys_error "No space left on device")
Raised by primitive operation at file "pervasives.ml", line 325, characters 19-27
Called from file "lib/bap_bundle/bap_bundle.ml", line 151, characters 8-45
Called from file "src/exn.ml", line 45, characters 8-11
Re-raised at file "src/exn.ml", line 48, characters 12-15
Called from file "lib/bap_plugins/bap_plugins.ml", line 102, characters 4-48
Called from file "lib/bap_plugins/bap_plugins.ml", line 132, characters 14-37
Called from file "list.ml", line 84, characters 24-34
Called from file "lib/bap_plugins/bap_plugins.ml", line 152, characters 6-30
Called from file "lib/bap_plugins/bap_plugins.ml", line 162, characters 10-25
Called from file "lib/bap_plugins/bap_plugins.ml", line 200, characters 24-37
Called from file "src/core_list0.ml", line 985, characters 12-16
Called from file "src/core_list0.ml", line 992, characters 31-52
Called from file "lib/bap_plugins/bap_plugins.ml", line 210, characters 14-39
Called from file "lib/bap_plugins/bap_plugins.ml", line 240, characters 4-29
Called from file "src/bap_plugin_loader.ml", line 108, characters 25-68
Called from file "src/bap_main.ml", line 222, characters 20-65
Called from file "src/bap_main.ml", line 245, characters 20-33
Seems to be incompatible with bap 1.3.0
With bap installed from OPAM:
$ bap --version 1.3.0
Then in IDA with the plugin loaded correctly I get the following when I try to use it:
bap: unknown option '--emit-ida-script-attr'.
unknown option '--emit-ida-script-file'.
Usage: bap [OPTION]... FILE
Try 'bap --help' for more information.
capture `bap` return code
bap returns with nonzero if something is wrong, so for a better diagnostics we should capture the return code and if it failed output a big popup window
Installing bap-ida-python with IDA 7.0?
Hello,
After installing bap 1.3.0 and the newest IDA (7.0) I attempted to install bap-ida-python.1.2.0 but the conf.ida.0.1 has been unable to find where IDA has been installed and bap-ida-python install fails.
Inspecting the conf-ida-0.1 script, it has been trying to locate 'idaq64', yet the IDA no longer appears to have idaq64 (just ida64 and idat64). I edited the conf-ida to locate 'ida64' but retrying 'opam install bap-ida-python.1.2.0' seems to overwrite these changes with the previous conf-ida version.
Is there a way to install bap-ida-python.1.2.0 using opam accounting for the IDA 7.0 update?
Thanks!
note opam package in the readme
The easiest way to install is to use opam, and most likely that all users will pursue this path, so we should mention it.
Installation issues
First, it doesn't find the setup.py file whitch I find it in the repo: https://github.com/jaybosamiya/bap_ida_python
Second, when I try "import bap.plugins", it returns "No module named plugins".
64-bit binaries are loaded as 32-bit
Currently on BAP 1.6.0, opam 2.0.3, and IDA 7.1, given the file assembly compiled with gcc -nostdlib -o foo -foo.S:
.global _start
.text
foo:
nop
ret
main:
lea -0x98(%rsp), %rsp
mov %rdx, (%rsp)
call foo
mov (%rsp), %rdx
lea 0x98(%rsp), %rsp
ret
_start:
call main
mov $0x0, %rbx
mov $0x1, %rax
int $0x80
When we grab the BIR representation with bap -dbir foo, we get
00000026: sub main(main_argc, main_argv, main_result)
00000028: main_argc :: in u32 = RDI
00000029: main_argv :: in out u64 = RSI
0000002a: main_result :: out u32 = RAX
0000001a:
0000001b: RSP := low:64[RSP + 0xFFFFFFFFFFFFFF68]
0000001c: mem := mem with [RSP, el]:u64 <- RDX
0000001d: RSP := RSP - 8
0000001e: mem := mem with [RSP, el]:u64 <- 0x254
0000001f: call @foo with return %00000020
00000020:
00000021: RDX := mem[RSP, el]:u64
00000022: RSP := low:64[RSP + 0x98]
00000023: v14 := mem[RSP, el]:u64
00000024: RSP := RSP + 8
00000025: return v14
as expected.
However, with the IDA backend, and running the command bap -dbir --loader=ida --rooter=ida symbolizer=ida --brancher=ida foo, all of the registers become 32-bit:
00000045: sub main(main_argc, main_argv, main_result)
0000005c: main_argc :: in u32 = mem[ESP + 4, el]:u32
0000005d: main_argv :: in out u32 = mem[ESP + 8, el]:u32
0000005e: main_result :: out u32 = EAX
0000001d:
0000001f: EAX := low:32[EAX] - 1
00000025: ESP := low:32[low:32[ESP] + -0x98]
00000027: EAX := low:32[EAX] - 1
0000002d: mem := mem with [ESP, el]:u32 <- EDX
0000002e: ESP := ESP - 4
0000002f: mem := mem with [ESP, el]:u32 <- 0x254
00000030: call @foo with return %00000031
00000031:
00000033: EAX := low:32[EAX] - 1
00000039: EDX := mem[ESP, el]:u32
0000003b: EAX := low:32[EAX] - 1
00000041: ESP := low:32[low:32[ESP] + 0x98]
00000042: v18 := mem[ESP, el]:u32
00000043: ESP := ESP + 4
00000044: return v18
Support for go binaries
Symbols in Go binaries can contain parentheses, that will break the format. They should be delimited with quotes to prevent this.
a special handling of unit attributes
Many attributes in bap has a unit type and denote a boolean property. For example, the dead attribute:
// (BAP (dead ("()")))it would be nice to have a special handling for unit attributes. I suggest that unit value is just not printed at all, e.g.,
// (BAP (dead)Installation using opam
Hello! I've been trying to install bap-ida-python package through opam, but I got this error:
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.